
6911 matches found

EUVD
added 2026/04/10 6:31 p.m. | 1 view

EUVD-2026-21402

In systemd 260 before 261, a local unprivileged user can trigger an assert via an IPC API call with an array or map that has a null element...

CVSS 6.2 | AI score 5.8 | EPSS 0.00022
Exploits 0 | References 2

EUVD
added 2026/04/10 6:31 p.m. | 0 views

EUVD-2026-21500

An open redirect vulnerability in Rocket.Chat versions prior to 8.4.0 allows users to be redirected to arbitrary URLs by manipulating parameters within a SAML endpoint...

AI score 5.9 | EPSS 0.00052
Exploits 0 | References 3

UbuntuCve
added 2026/04/10 4:16 p.m. | 1 view

CVE-2026-40223

In systemd 258 before 260, a local unprivileged user can trigger an assert when a Delegate=yes and User= unit exists and is running...

CVSS 5.5 | AI score 5.8 | EPSS 0.00017
Exploits 0 | References 2

OSV
added 2026/04/10 4:16 p.m. | 3 views

UBUNTU-CVE-2026-40227

In systemd 260 before 261, a local unprivileged user can trigger an assert via an IPC API call with an array or map that has a null element...

CVSS 6.2 | AI score 5.8 | EPSS 0.00022
Exploits 0 | References 3

UbuntuCve
added 2026/04/10 4:16 p.m. | 2 views

CVE-2026-40227

In systemd 260 before 261, a local unprivileged user can trigger an assert via an IPC API call with an array or map that has a null element...

CVSS 6.2 | AI score 5.8 | EPSS 0.00022
Exploits 0 | References 2

Debian CVE
added 2026/04/10 3:19 p.m. | 2 views

CVE-2026-40227

In systemd 260 before 261, a local unprivileged user can trigger an assert via an IPC API call with an array or map that has a null element...

CVSS 6.2 | AI score 5.2 | EPSS 0.00022
Exploits 0

CVE
added 2026/04/10 3:10 p.m. | 4 views

CVE-2026-40223

Affected software: systemd, versions 258 prior to 260. Vulnerability: local unprivileged user can trigger an assertion if a Delegate=yes and User= unit exists and is running. Root cause: assertion path in systemd when the unit condition is met. Impact: results in an assertion (denial of service v...

CVSS 5.5 | AI score 5.8 | EPSS 0.00017
Exploits 0 | References 1 | Affected Software 1

Debian CVE
added 2026/04/10 3:10 p.m. | 1 view

CVE-2026-40223

In systemd 258 before 260, a local unprivileged user can trigger an assert when a Delegate=yes and User= unit exists and is running...

CVSS 5.5 | AI score 5.2 | EPSS 0.00017
Exploits 0

Cvelist
added 2026/04/10 3:10 p.m. | 28 views

CVE-2026-40223

In systemd 258 before 260, a local unprivileged user can trigger an assert when a Delegate=yes and User= unit exists and is running...

CVSS 4.7 | EPSS 0.00017
Exploits 0 | References 1

SUSE Linux
added 2026/04/10 10:35 a.m. | 3 views

Security update for nghttp2

This update for nghttp2 fixes the following issue: CVE-2026-27135: assertion failure due to missing state validation can lead to DoS bsc1259845. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively yo...

CVSS 8.2 | AI score 6.7 | EPSS 0.0003
Exploits 0 | References 4

Positive Technologies
added 2026/04/10 12:0 a.m. | 2 views

PT-2026-31936

In systemd 260 before 261, a local unprivileged user can trigger an assert via an IPC API call with an array or map that has a null element...

CVSS 6.2 | AI score 5.8 | EPSS 0.00022
Exploits 0 | References 2

Tenable Nessus
added 2026/04/10 12:0 a.m. | 3 views

openSUSE 16 Security Update : systemd (openSUSE-SU-2026:20471-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20471-1 advisory. Update to systemd v257.13: Security issues: - CVE-2026-4105: privilege escalation due to improper access control in RegisterMachine D-Bus method...

CVSS 6.7 | AI score 6 | EPSS 0.00026
Exploits 0 | References 9

RedHat Linux
added 2026/04/09 1:38 p.m. | 0 views

nghttp2: nghttp2: Denial of Service via malformed HTTP/2 frames after session termination

A flaw was found in nghttp2. Due to missing internal state validation, the library continues to process incoming data even after a session has been terminated. A remote attacker could exploit this by sending a specially crafted HTTP/2 frame, leading to an assertion failure and a denial of service...

CVSS 7.5 | AI score 5.8 | EPSS 0.0003
Exploits 0 | References 6

OSV
added 2026/04/06 7:58 a.m. | 2 views

BIT-NODE-MIN-2026-21712

A flaw in Node.js URL processing causes an assertion failure in native code when url.format is called with a malformed internationalized domain name (IDN) containing invalid characters, crashing the Node.js process...

CVSS 5.7 | AI score 6.7 | EPSS 0.00039
Exploits 0 | References 3

OSV
added 2026/04/06 7:58 a.m. | 2 views

BIT-NODE-2026-21712

A flaw in Node.js URL processing causes an assertion failure in native code when url.format is called with a malformed internationalized domain name (IDN) containing invalid characters, crashing the Node.js process...

CVSS 5.7 | AI score 6.7 | EPSS 0.00039
Exploits 0 | References 3

Tenable Nessus
added 2026/04/05 12:0 a.m. | 1 view

FreeBSD : nghttp2 -- CWE-617: Reachable Assertion (c08273b5-30e5-11f1-b9f2-b42e991fc52e)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the c08273b5-30e5-11f1-b9f2-b42e991fc52e advisory. https://github.com/nghttp2/nghttp2/security/advisories/GHSA-6933-cjhr-5qg6 reports: nghttp2 is an...

CVSS 7.5 | AI score 5.9 | EPSS 0.0003
Exploits 0 | References 3

OSV
added 2026/04/04 6:9 a.m. | 1 view

GHSA-CF45-HXWJ-4CFJ Directus: Open Redirect via Parser Bypass in OAuth2/SAML Authentication Flow

Summary: An open redirect vulnerability exists in the login redirection logic. The isLoginRedirectAllowed function fails to correctly identify certain malformed URLs as external, allowing attackers to bypass redirect allow-list validation and redirect users to arbitrary external domains upon...

CVSS 6.1 | AI score 5.9 | EPSS 0.00016
Exploits 0 | References 3

Snyk
added 2026/04/04 1:21 a.m. | 2 views

Reachable Assertion

Overview: Affected versions of this package are vulnerable to Reachable Assertion via the transportflagsfromdomain function. An attacker can cause a crash of the daemon by sending a D-Bus method call with conflicting publish flags. Remediation: A fix was pushed into the master branch but not yet...

CVSS 6.8 | AI score 5.8 | EPSS 0.00008
Exploits 1 | References 2

RedhatCVE
added 2026/04/03 11:2 p.m. | 1 view

CVE-2026-34840

OneUptime is an open-source monitoring and observability platform. Prior to version 10.0.42, OneUptime's SAML SSO implementation (App/FeatureSet/Identity/Utils/SSO.ts) has decoupled signature verification and identity extraction. isSignatureValid verifies the first element in the XML DOM using...

CVSS 8.1 | AI score 5.9 | EPSS 0.00039
Exploits 1 | References 1

OSV
added 2026/04/03 1:8 p.m. | 2 views

JLSEC-2026-22

The function "Token& Scanner::peek" in scanner.cpp in yaml-cpp 0.5.3 and earlier allows remote attackers to cause a denial of service (assertion failure and application exit) via a '!2' string...

CVSS 7.5 | AI score 6 | EPSS 0.00637
Exploits 1 | References 4